Join the community today
Register Now

pure-ftpd not working with TLS

Discussion in 'Beta release code' started by Matt, Jan 18, 2019.

  1. Matt

    Matt Well-Known Member

    925
    414
    63
    May 25, 2014
    Rotherham, UK
    Ratings:
    +669
    Local Time:
    1:47 PM
    1.5.15
    MariaDB 10.2
    Please fill in any relevant information that applies to you:
    • CentOS Version: i.e. CentOS 6 64bit
    • Centmin Mod Version Installed: 123.09beta01
    • When was last time updated Centmin Mod code base ? : just now
    Code:
    Error:    GnuTLS error -50 in gnutls_priority_set_direct: The request is invalid.
    Error:    Failed to initialize TLS.
    Trace:    CRealControlSocket::DoClose(66)
    Trace:    CControlSocket::DoClose(66)
    Trace:    CFtpControlSocket::ResetOperation(66)
    Trace:    CControlSocket::ResetOperation(66)
    Error:    Could not connect to server
    Trace:    CFileZillaEnginePrivate::ResetOperation(66)
    Status:    Waiting to retry...
    Trace:    CRealControlSocket::DoClose(66)
    Trace:    CControlSocket::DoClose(66)
    Trace:    CControlSocket::DoClose(66)
    Trace:    CControlSocket::SendNextCommand()
    Trace:    CFtpLogonOpData::Send() in state 0
    Status:    Connecting to 104.237.145.33:21...
    Status:    Connection established, initializing TLS...
    Error:    GnuTLS error -50 in gnutls_priority_set_direct: The request is invalid.
    Error:    Failed to initialize TLS.
    Trace:    CRealControlSocket::DoClose(66)
    Trace:    CControlSocket::DoClose(66)
    Trace:    CFtpControlSocket::ResetOperation(66)
    Trace:    CControlSocket::ResetOperation(66)
    Error:    Could not connect to server
    Trace:    CFileZillaEnginePrivate::ResetOperation(66)
    


     
  2. eva2000

    eva2000 Administrator Staff Member

    53,178
    12,112
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,647
    Local Time:
    10:47 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    which specific version of centos 6 ? 6.10 ? fresh install or existing centos 6.10 install ?

    any yum updates outstanding ? i.e. for gnutls ?

    what sftp/ftp client used ? filezilla Bug #1798767 “filezilla can not connect to tls sites anymore” : Bugs : filezilla package : Ubuntu ?

     
  3. eva2000

    eva2000 Administrator Staff Member

    53,178
    12,112
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,647
    Local Time:
    10:47 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    seems maybe related 1029485 – Filezilla 3.7.3 is unable to connect to FTP over explicit SSL

     
  4. eva2000

    eva2000 Administrator Staff Member

    53,178
    12,112
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,647
    Local Time:
    10:47 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    also what's output for command
    Code (Text):
    cat /etc/pure-ftpd/pure-ftpd.conf | grep -i TLS
    
     
  5. Matt

    Matt Well-Known Member

    925
    414
    63
    May 25, 2014
    Rotherham, UK
    Ratings:
    +669
    Local Time:
    1:47 PM
    1.5.15
    MariaDB 10.2
    CentOS6.10, but it's an old install. Server is several years old now.

    I've set that to 0 so it will work without encryption.
     
  6. eva2000

    eva2000 Administrator Staff Member

    53,178
    12,112
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,647
    Local Time:
    10:47 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Not ideal for security for ftp though. Tried different sftp/ftp client other than filezilla ?

    i tried latest filezilla on windows 10 with centos 6.10 and pure-ftpd connects fine via explicit TLS
     
  7. Matt

    Matt Well-Known Member

    925
    414
    63
    May 25, 2014
    Rotherham, UK
    Ratings:
    +669
    Local Time:
    1:47 PM
    1.5.15
    MariaDB 10.2
    I know, but needed to test the credentials were OK.

    I've not tried another client myself, as I've just swapped my desktop to Ubuntu 18.10 so still setting everything up.
     
  8. eva2000

    eva2000 Administrator Staff Member

    53,178
    12,112
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,647
    Local Time:
    10:47 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    From what i read online the problem might be due to Ubuntu 18.10's gnutls package and TLS cipher incompatibility with what Filezilla is negotiating
     
  9. Matt

    Matt Well-Known Member

    925
    414
    63
    May 25, 2014
    Rotherham, UK
    Ratings:
    +669
    Local Time:
    1:47 PM
    1.5.15
    MariaDB 10.2
    Yeah, I've just tested on Windows 10 on my laptop and it works with TLS enabled again.
     
  10. eva2000

    eva2000 Administrator Staff Member

    53,178
    12,112
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,647
    Local Time:
    10:47 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+